Requirements:
- Asus WL500gP as home router
- Firmware from oleg.wl500g.info
- Real IP address from your ISP
---> On your home router:
1. Connect to the home router using telnet
telnet router.domain.org
2. Create the required directory in the flashfs space using
mkdir -p /usr/local/etc/dropbear
3. Generate the DSS key by typing
dropbearkey -t dss -f /usr/local/etc/dropbear/dropbear_dss_host_key
4. Generate the RSA key by typing
dropbearkey -t rsa -f /usr/local/etc/dropbear/dropbear_rsa_host_key
5. Add lines to the startup script "post-boot":
# you do not need to enter the 3 lines below if you already have
# post-boot and post-firewall
mkdir -p /usr/local/sbin/
echo "#!/bin/sh" >> /usr/local/sbin/post-boot && chmod +x /usr/local/sbin/post-boot
echo "#!/bin/sh" >> /usr/local/sbin/post-firewall && chmod +x /usr/local/sbin/post-firewall
echo "dropbear -a" >> /usr/local/sbin/post-boot
echo "iptables -I INPUT -m tcp -p tcp --dport 2222 -j ACCEPT" >> /usr/local/sbin/post-firewall
6. Store your authorized keys in:
/usr/local/root/.ssh/authorized_keys
7. Save to flashfs and enable it
flashfs save && flashfs commit && flashfs enable
8. Reboot the router
---> On your workstation in corporate LAN:
9. Create a shell script that will be triggered by cron
echo '#!/bin/sh' >> /home/username/reverse_ssh_tunnel.sh
echo 'COMMAND="ssh -N -f -R Home_Router_WAN_IP_Address:2222:localhost:22 root@router.domain.org"' >> /home/username/reverse_ssh_tunnel.sh
echo 'pgrep -f -x "$COMMAND" > /dev/null 2>&1 || $COMMAND' >> /home/username/reverse_ssh_tunnel.sh
crontab -e
and add:
*/5 * * * * /bin/sh /home/username/reverse_ssh_tunnel.sh
10. Take a coffee break for 5 min
---> From any host from anywhere:
11. ssh -X -p 2222 username@router.domain.org
12. Enjoy!
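An added example, not part of the original how-to: on the corporate side, the tunnel from step 9 shows up as a long-running ssh process with a remote forward (-R). The sh function below reads command lines and prints those where ssh requests a remote forward. The function names, the 198.51.100.7 address and the example.net hosts in the sample are constructed for illustration.

```shell
#!/bin/sh
# Added example: list ssh client processes that request a remote forward.

# Constructed sample of "ps -eo args" output (addresses and hosts are made up).
sample_cmdlines() {
    cat <<'EOF'
/usr/sbin/sshd -D
ssh -N -f -R 198.51.100.7:2222:localhost:22 root@router.domain.org
ssh -X -p 2222 username@router.domain.org
/usr/bin/ssh -fNR 8022:localhost:22 user@host.example.net
ssh -o RemoteForward=9000 localhost:22 user@host.example.net
ssh -oRequestTTY=yes user@host.example.net
ssh -L 8080:localhost:80 user@host.example.net
ssh user@host.example.net ls -R /srv
rsync -R src/ dest/
EOF
}

# Reads one command line per input line, prints those where ssh is given
# -R (alone or in a cluster such as -fNR) or -o RemoteForward.
find_reverse_forwards() {
    awk '
    {
        cmd = $1; sub(/.*\//, "", cmd)
        if (cmd != "ssh") next
        for (i = 2; i <= NF; i++) {
            if ($i !~ /^-./) break      # destination reached, rest is the remote command
            for (j = 2; j <= length($i); j++) {
                c = substr($i, j, 1)
                if (index("46AaCfGgKkMNnqsTtVvXxYy", c)) continue  # flags without argument
                arg = substr($i, j + 1)
                if (arg == "") { i++; arg = $i }   # argument is the next token
                if (c == "R" || (c == "o" && tolower(arg) ~ /^remoteforward/)) { print; next }
                break                   # other option: its argument is consumed
            }
        }
    }'
}

sample_cmdlines | find_reverse_forwards
```

On a live host, pipe `ps -eo args` into find_reverse_forwards instead of the sample.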